pthread_exit(NULL);
}
+ LiveDevice *device = LiveGetDevice("lib0");
+ assert(device != NULL);
+
int datalink = pcap_datalink(fp);
+ int count = 0;
struct pcap_pkthdr pkthdr;
const u_char *packet;
while ((packet = pcap_next(fp, &pkthdr)) != NULL) {
- if (TmModuleLibHandlePacket(tv, packet, datalink, pkthdr.ts, pkthdr.len, 0, 0, NULL) != 0) {
+ if (TmModuleLibHandlePacket(tv, device, packet, datalink, pkthdr.ts, pkthdr.len, 0, 0) !=
+ 0) {
pthread_exit(NULL);
}
+
+ (void)SC_ATOMIC_ADD(device->pkts, 1);
+ count++;
}
pcap_close(fp);
/* Force logging to the current directory. */
ConfSetFromString("default-log-dir=.", 1);
+ if (LiveRegisterDevice("lib0") < 0) {
+ fprintf(stderr, "LiveRegisterDevice failed");
+ exit(1);
+ }
+
SuricataInit();
/* Create and start worker on its own thread, passing the PCAP
/** \brief process a single packet.
*
* \param tv Pointer to the per-thread structure.
+ * \param device Pionter to LiveDevice instance
* \param data Pointer to the raw packet.
* \param datalink Datalink type.
* \param ts Timeval structure.
* \param len Packet length.
* \param tenant_id Tenant id of the detection engine to use.
* \param flags Packet flags (packet checksum, rule profiling...).
- * \param iface Sniffing interface this packet comes from (can be NULL).
* \return Error code.
*/
-int TmModuleLibHandlePacket(ThreadVars *tv, const uint8_t *data, int datalink, struct timeval ts,
- uint32_t len, uint32_t tenant_id, uint32_t flags, const char *iface)
+int TmModuleLibHandlePacket(ThreadVars *tv, LiveDevice *device, const uint8_t *data, int datalink,
+ struct timeval ts, uint32_t len, uint32_t tenant_id, uint32_t flags)
{
/* If the packet is NULL, consider it as a read timeout. */
p->datalink = datalink;
p->tenant_id = tenant_id;
p->flags |= flags;
-
- /* Set the sniffing interface. */
- if (iface) {
- p->livedev = LiveGetDevice(iface);
- }
+ p->livedev = device;
if (PacketSetData(p, data, len) == -1) {
TmqhOutputPacketpool(tv, p);
#define SURICATA_SOURCE_LIB_H
#include "tm-threads.h"
+#include "util-device.h"
/** \brief register a "Decode" module for suricata as a library.
*
* \param iface Sniffing interface this packet comes from (can be NULL).
* \return Error code.
*/
-int TmModuleLibHandlePacket(ThreadVars *tv, const uint8_t *data, int datalink, struct timeval ts,
- uint32_t len, uint32_t tenant_id, uint32_t flags, const char *iface);
+int TmModuleLibHandlePacket(ThreadVars *tv, LiveDevice *device, const uint8_t *data, int datalink,
+ struct timeval ts, uint32_t len, uint32_t tenant_id, uint32_t flags);
#endif /* SURICATA_SOURCE_LIB_H */
projects / thirdparty / suricata.git / commitdiff
